Data security is a topic of great importance in today’s world. Global organizations must work to continually protect their operations while minimizing the risks to business continuity. Data security is, after all, business security.
So, it should come as no surprise that data security was a primary focus at Cohesity Catalyst, our recent data and security and management summit. Several keynote sessions from Day 1 of Catalyst discussed context, vision, and innovations for data security and management.
Kevin Mandia stresses the importance of cyber resilience
First, in the rapidly evolving world of cybersecurity, the need for collaboration and resilience has never been more crucial. Two prominent figures in the security industry, Sanjay Poonen, CEO and President of Cohesity, and Kevin Mandia, CEO of Mandiant and a Cohesity board member, spoke about the importance of cooperation, preparedness, and maintaining a sense of duty.
As one of the world’s foremost cybersecurity experts, Mandia’s inclusion on the Cohesity board brought immense value to the data security and management landscape. With his expertise and experience, he swiftly integrated himself into the team, recognizing the key components necessary to tackle the challenges faced by the industry.
Poonen and Mandia share a crucial perspective—rather than competing against one another, security industry players should prioritize cooperation. The magnitude of security incidents necessitates a collective response, where organizations work together for the greater good. Security is a team sport, so everyone plays a critical role in safeguarding against cyber threats. When responsibility for protecting critical systems and data is shared, threat actors have less chance of success, and business outcomes improve.
Watch the full fireside chat between Sanjay Poonen and Kevin Mandia.
The expanded scope of cyber recovery
Resilience is the core of a mature security program, which must cover not only the basics but also second-stage security capabilities like cyber recovery. If you can’t swiftly recover critical systems and data after a cyberattack, your security strategy isn’t as comprehensive as it needs to be. Boards now acknowledge that incidents are inevitable, so enterprises must prioritize resilience alongside prevention.
Plus, organizations can use cyber recovery capabilities for other purposes, such as system upgrades, data migration, and business continuity planning. By expanding the scope of cyber recovery, organizations can maximize their investments and strengthen their overall security posture.
Data security is a team sport
Also worth highlighting: the urgent need for a collaborative approach to security. Since no single solution can provide comprehensive protection, a Data Security Alliance that leverages a diverse ecosystem of tools and technologies fulfills the complex requirements of data security better than any one player, tool, or technology could on its own. Working together as a team to defend against sophisticated threats is simply more effective than siloed efforts.
Good cybersecurity demands preparation
Preparedness is the key to effective incident response and cyber recovery. Tabletop exercises provide a simulated environment to test and refine response plans. But these exercises shouldn’t focus only on incident response. They must also incorporate resilience. When organizations practice how to rapidly recover critical systems and data, they improve their overall readiness and increase their likelihood of an effective response.
And while organizations should always strive for excellence, they’d be wise to also embrace imperfection. In the realm of cybersecurity, it’s crucial to acknowledge that no security solution can completely prevent all threats. While most incidents are non-destructive, preparing for the one that manages to get through is essential. A sense of duty and nerves of steel enable security professionals to persist in the face of adversity. Striving for excellence involves continuously improving security measures and staying up to date on new innovations.
Innovations for Cohesity DataHawk
One such innovation is Cohesity DataHawk, whose capabilities include data classification, threat protection, and cyber vaulting. Chris Kent, vice president of Solutions and Product Marketing, and Megan LeFlamme, director of Product Marketing, highlight how this product is emblematic of Cohesity’s innovative approach to data security and management.
As the threat landscape continues to evolve, ensuring the security and resiliency of critical data is paramount—and data classification, threat protection, and cyber vaulting are more important than ever. Partnerships and integrations that streamline operations and provide comprehensive security standards for on-premises, cloud, and edge environments are equally significant.
Cohesity has OEMed two industry-leading capabilities to provide customers with the optimal capabilities for data classification and for threat protection. For DataHawk data classification, BigID provides proven machine learning (ML) and artificial intelligence (AI) capabilities to help ensure that organizations can assess the impact of an attack on sensitive data with precision and confidence. Advanced capabilities ensure that sensitive data is accurately identified regardless of structure and that administrators don’t need to develop specialized skills to use these functions.
For threat protection, Cohesity leverages AI and ML-curated threat feeds from Qualys, so organizations can be confident that backup data is free from ransomware threats. DataHawk threat protection provides point-and-click scanning for ransomware indicators of compromise (IOCs) in data backups. Organizations can proactively scan backup data to remove overhead from production systems, and—during a recovery operation—can ensure they don’t reintroduce ransomware threats to their environments.
Award-winning SaaS cyber vaulting solution
Comprehensive data security and management must include a cyber vaulting strategy that protects across on-prem, cloud, and edge environments. With DataHawk, customers get the award-winning SaaS cyber vaulting solution in Cohesity FortKnox. FortKnox seamlessly manages and protects workloads with point-and-click simplicity, to Amazon S3 or Glacier, so organizations can mitigate risks and ensure the continuity of critical operations.
Why integrations matter
DataHawk also provides integrations with various tools and platforms and aligns with the National Institute of Standards and Technology (NIST) framework. For example, the integration with ServiceNow facilitates monitoring of the Cohesity environment for potential risks and outages. Additionally, the integration with CrowdStrike automates response to threats, enabling swift action when security incidents occur.
In an era of increasing cyber threats, the security and resiliency of critical data is nonnegotiable. By embracing collaborative approaches, leveraging cyber vaulting, threat protection, and data classification, and prioritizing integrations for security operations and controls, organizations can greatly enhance their security posture with modern data security and management. Protecting data and streamlining operations through comprehensive data security measures is key to mitigating risks and safeguarding valuable assets.
Watch the Demo: Security and resilience for your critical data.
Cyber risk in real life and simulations
When it comes to cyber risk, there are real-world learnings and simulated ones.
To learn more about geopolitical tensions, the increasing use of AI by malicious actors, misinformation campaigns, and the activities of nation-state and criminal actors—you’ll want to check out “The Future of Cyber Risk” discussion from Cohesity Catalyst featuring Alex Stamos, director of the Stanford Internet Observatory. Previously the Chief Security Officer at Facebook and Yahoo, Stamos is currently working to improve the security and safety of the Internet through teaching and research.
And there’s nothing more valuable than a chance to hone your skills through a high-quality simulation. Experience first-hand what it’s like to have your company data held to ransom, discover potential vulnerabilities in your current setup, and learn from our team of industry experts—all in just 2 hours (and with no actual risk to your organization). We invite you to explore our ransomware resilience workshops.